package com.doudou.base.resources.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * @Author: 傻男人
 * @Date: 2020/5/25 11:28
 * @Version: 1.0
 * @Description:
 */
@Slf4j
@Configuration
@EnableResourceServer
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests().antMatchers("/druid/**",
                "/v2/api-docs",
                "/swagger-ui.html/**","/swagger-resources/**",
                "/v2/api-docs-ext","/doc.html","/webjars/**").permitAll()
                .antMatchers("/auth/**")
                .hasRole("SYS")
                .and().httpBasic()
                .and().antMatcher("/**")
                .authorizeRequests().anyRequest().authenticated();
    }

}
